<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Using that now to rate limit the players. I was getting lots of
error messages in the kernel log when I was using -hashlimit
everywhere...<br>
<br>
<i>Boyd</i><br>
<div class="moz-signature"><br>
</div>
<br>
On 03/09/2012 04:58 PM, Ruediger Meier wrote:
<blockquote cite="mid:201203092358.18485.sweet_f_a@gmx.de"
type="cite">
<pre wrap="">On Friday 09 March 2012, Boyd G. Gafford Ph.D. wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Limit per IP is done via the --hashlimit module, and the kernel can
get hit hard if try to hash millions of random IPs and allocate the
memory for them.
If there is another way to limit by IP besides --hashlimit that
doesn't require dynamic allocation I'm all ears!
</pre>
</blockquote>
<pre wrap="">
what about
--hashlimit-htable-size buckets
The number of buckets of the hash table
--hashlimit-htable-max entries
Maximum entries in the hash.
--hashlimit-htable-expire msec
After how many milliseconds do hash entries expire
--hashlimit-htable-gcinterval msec
How many milliseconds between garbage collection
Since all your limit rules are per 1 second anyway you can keep the hash
tables very small.
cu,
Rudi
_______________________________________________
cod mailing list
<a class="moz-txt-link-abbreviated" href="mailto:cod@icculus.org">cod@icculus.org</a>
<a class="moz-txt-link-freetext" href="http://icculus.org/mailman/listinfo/cod">http://icculus.org/mailman/listinfo/cod</a>
</pre>
</blockquote>
</body>
</html>